gke-helmsman

There are 28 repositories under gke-helmsman topic.

  • GoogleCloudPlatform/gke-rbac-demo

    This project covers two use cases for RBAC within a Kubernetes Engine cluster. First, assigning different permissions to user personas. Second, granting limited API access to an application running within your cluster. Since RBAC's flexibility can occasionally result in complex rules, you will also perform common steps for troubleshooting RBAC as a part of the second scenario.

    Language:HCL16132483
  • GoogleCloudPlatform/gke-private-cluster-demo

    This guide demonstrates creating a Kubernetes private cluster in Google Kubernetes Engine (GKE) running a sample Kubernetes workload that connects to a Cloud SQL instance using the cloud-sql-proxy "sidecar" authenticated using Workload Identity (Beta).

    Language:HCL15322573
  • GoogleCloudPlatform/gke-networking-demos

    This project presents a number of best practices for establishing network links between Kubernetes Engine clusters, and exposing cluster services across Google Cloud projects. You will use a set of Deployment Manager templates to create networks, subnets, vpn connections, and Kubernetes Engine clusters.

    Language:Shell13932551
  • GoogleCloudPlatform/gke-monitoring-tutorial

    This project walks you through setting up monitoring and visualizing metrics from a Kubernetes Engine cluster. The logs from the Kubernetes Engine cluster will be leveraged to walk through the monitoring capabilities of Stackdriver.

    Language:Shell109181163
  • GoogleCloudPlatform/gke-migration-to-containers

    This demo provides a basic walkthrough of migrating a stateless application from running on a VM all the way to running it on Kubernetes Engine (GKE).

    Language:Shell1073010107
  • GoogleCloudPlatform/gke-network-policy-demo

    This guide demonstrates how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to network communication. You will provision a simple HTTP server and two client pods in a Kubernetes Engine cluster, then use a Network Policy restrict connections from client pods.

    Language:Shell9930986
  • GoogleCloudPlatform/gke-security-scenarios-demo

    This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engine. You will deploy multiple instances of the same container image with a variety of security settings to illustrate the use of RBAC, security contexts, and AppArmor policies.

    Language:HCL9428555
  • GoogleCloudPlatform/gke-enterprise-demo

    This demo aims to show what a fully-featured project running in Kubernetes Engine looks like. It includes Elasticsearch, a very popular open-source project for indexing and searching data, as well as some custom software to interface with it.

    Language:Shell7728746
  • GoogleCloudPlatform/gke-cloud-sql-postgres-demo

    This project shows how easy it is to connect an application in Kubernetes Engine to a Cloud SQL instance, using the Cloud SQL Proxy container as a sidecar container. You will deploy a Kubernetes Engine Cluster and a Cloud SQL Postgres instance, and use the Cloud SQL Proxy container to allow communication between them.

    Language:Shell7319243
  • GoogleCloudPlatform/gke-vault-demo

    This demo builds two GKE Clusters and guides you through using secrets in Vault, using Kubernetes authentication from within a pod to login to Vault, and fetching short-lived Google Service Account credentials on-demand from Vault within a pod.

    Language:Shell7127324
  • GoogleCloudPlatform/gke-application-security-demo

    This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engine. You will deploy multiple instances of the same container image with a variety of security settings to illustrate the use of RBAC, security contexts, and AppArmor policies.

    Language:HCL6927129
  • GoogleCloudPlatform/gke-tracing-demo

    This project introduces you to Stackdriver's tracing feature, and provides a distributed tracing example that can serve as a basis for your own applications. You will deploy a multi-tier application to a Kubernetes Engine cluster and trace calls between the components.

    Language:Python6227438
  • GoogleCloudPlatform/gke-istio-telemetry-demo

    This project demonstrates how to use an Istio service mesh in a single Kubernetes Engine cluster alongside Prometheus, Jaeger, and Grafana, to monitor cluster and workload performance metrics. You will first deploy the Istio control plane, data plane, and additional visibility tools using the provided scripts, then explore the collected metrics and trace data in Grafana.

    Language:Shell6029027
  • GoogleCloudPlatform/gke-ip-address-management

    An application to help with IP Address Management (IPAM) for Google Kubernetes Engine (GKE) clusters. Easily allows the calculation of the subnets required to spin up GKE clusters in VPC-native mode. See it at: https://googlecloudplatform.github.io/gke-ip-address-management/

    Language:JavaScript5826412
  • GoogleCloudPlatform/gke-terraform-generator

    gke-tf was created to streamline the creation of customized Terraform source files that build GKE clusters and supporting resources in GCP.

    Language:Go55171724
  • GoogleCloudPlatform/gke-anthos-holistic-demo

    This repository guides you through deploying a private GKE cluster and provides a base platform for hands-on exploration of several GKE related topics which leverage or integrate with that infrastructure. After completing the exercises in all topic areas, you will have a deeper understanding of several core components of GKE and GCP as configured in an enterprise environment.

    Language:Shell5317841
  • GoogleCloudPlatform/gke-istio-gce-demo

    In this project, you will leverage Kubernetes Engine and Google Compute Engine to explore how Istio can manage services that reside outside of the Kubernetes Engine environment. You will deploy a typical Istio service mesh in Kubernetes Engine, then configure an externally deployed microservice to join the mesh.

    Language:Shell5329335
  • GoogleCloudPlatform/gke-logging-sinks-demo

    This project describes the steps required to deploy a sample application to Kubernetes Engine that forwards log events to Stackdriver Logging. As a part of the exercise, you will create a Cloud Storage bucket and a BigQuery dataset for exporting log data.

    Language:Shell5230661
  • GoogleCloudPlatform/gke-rolling-updates-demo

    This project demonstrates a different upgrade procedures best suited for clusters containing stateless and stateful workloads. You will perform the upgrades in two stages. First, the control plane is updated, then node pools are upgraded.

    Language:Shell5229134
  • GoogleCloudPlatform/gke-istio-vpn-demo

    This project demonstrates how Istio's mesh expansion feature can be used to link services accross a VPN. The feature allows for a non-Kubernetes service running outside of the Istio infrastructure on Kubernetes Engine, to be integrated into, and managed by the Istio service mesh.

    Language:Shell4629345
  • GoogleCloudPlatform/gke-stateful-applications-demo

    This project installs an Apache Cassandra database into a Kubernetes Engine cluster. Various scripts are contained within this project that provide push button creation, validation, and deletion of the Cassandra(C*) database and Kubernetes Engine cluster.

    Language:Shell4019324
  • GoogleCloudPlatform/gke-enterprise-mt

    This repository hosts the terraform module that helps setup a GKE cluster and environment based on the Enterprise Multi-Tenancy Best Practices Guide.

    Language:HCL2671612
  • GoogleCloudPlatform/gke-managed-certificates-demo

    GKE ingress with GCP managed certificates

    Language:Shell251519
  • GoogleCloudPlatform/gke-datadog-demo

    This project demonstrates how a third party solution, like Datadog, can be used to monitor a Kubernetes Engine cluster and its workloads. Using the provided manifest, you will install Datadog and a simple nginx workload into your cluster. The Datadog agents will be configured to monitor the nginx workload, and ship metrics to your own Datadog account.

    Language:Shell2328220
  • GoogleCloudPlatform/gke-istio-shared

    This is the shared project for two Kubernetes Engine demos

    Language:Shell1830122
  • GoogleCloudPlatform/gke-secure-defaults-demo

    This lab demonstrates some of the security concerns of a default Kubernetes Engine cluster configuration and the corresponding hardening measures to prevent multiple paths of pod escape and cluster privilege escalation.

    Language:Shell171216
  • alexhaislip/GKE_Notes

    A place for notes related to learning GKE.

  • mramshaw/gke-stateful-applications-demo

    This project installs an Apache Cassandra database into a Kubernetes Engine cluster. Various scripts are contained within this project that provide push button creation, validation, and deletion of the Cassandra(C*) database and Kubernetes Engine cluster.

    Language:Shell10